docker.io/node:24.16-alpine linux/amd64

docker.io/node:24.16-alpine - Trivy安全扫描结果 扫描时间: 2026-06-24 17:34
全部漏洞信息
低危漏洞:2 中危漏洞:4 高危漏洞:1 严重漏洞:0

系统OS: alpine 3.24.1 扫描引擎: Trivy 扫描时间: 2026-06-24 17:34

docker.io/node:24.16-alpine (alpine 3.24.1) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Node.js (node-pkg)
低危漏洞:2 中危漏洞:4 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
undici CVE-2026-12151 高危 6.25.0 6.27.0, 7.28.0, 8.5.0 undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12151

镜像层: sha256:6966e360c462d50cda6c02920293f497cf6c749d0a3149307c9088a33530860f

发布日期: 2026-06-17 17:16 修改: 2026-06-17 20:20
ip-address CVE-2026-42338 中危 10.1.0 10.1.1 ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:6966e360c462d50cda6c02920293f497cf6c749d0a3149307c9088a33530860f

发布日期: 2026-05-12 20:16 修改: 2026-06-17 10:47
tar CVE-2026-53655 中危 7.5.13 7.5.16 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (nod ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:6966e360c462d50cda6c02920293f497cf6c749d0a3149307c9088a33530860f

发布日期: 2026-06-22 16:16 修改: 2026-06-23 15:50
brace-expansion CVE-2026-45149 中危 5.0.5 5.0.6 brace-expansion: brace-expansion: Denial of Service due to excessive memory allocation when expanding large numeric ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45149

镜像层: sha256:6966e360c462d50cda6c02920293f497cf6c749d0a3149307c9088a33530860f

发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:51
undici CVE-2026-9679 中危 6.25.0 6.27.0, 7.28.0, 8.5.0 undici: undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9679

镜像层: sha256:6966e360c462d50cda6c02920293f497cf6c749d0a3149307c9088a33530860f

发布日期: 2026-06-17 18:18 修改: 2026-06-17 20:20
undici CVE-2026-11525 低危 6.25.0 6.27.0, 7.28.0, 8.5.0 undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11525

镜像层: sha256:6966e360c462d50cda6c02920293f497cf6c749d0a3149307c9088a33530860f

发布日期: 2026-06-17 18:17 修改: 2026-06-17 20:20
undici CVE-2026-6733 低危 6.25.0 6.27.0, 7.28.0, 8.5.0 undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6733

镜像层: sha256:6966e360c462d50cda6c02920293f497cf6c749d0a3149307c9088a33530860f

发布日期: 2026-06-17 18:18 修改: 2026-06-17 20:20
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×